Data Security | News
August Data Breaches Strike Yale and 4 Other Schools
- By Dian Schaffhauser
Yale University joined a number of other schools having to explain data breaches during the month of August. According to multiple media reports, the New Haven, CT institution accidently allowed a Google search engine to index a database containing private information about 43,000 former faculty, staff, and students who were involved with the university in 1999.
Yale administrators are blaming a change made in Google's software for the exposure. The data had been maintained on the same FTP server for years, which was used to store open source files. But in the fall of 2010 Google changed its indexing software to locate and index FTP servers, making the sensitive file public for 10 months, from September 2010 to July 2011.
The breach was discovered June 30 when an individual in that database did a search on his own name and discovered that his Social Security number was publicly displayed.
According to Yale Daily News, the school's newspaper, the university is offering those affected two years of credit monitoring and identity theft insurance.
The University of Wisconsin Milwaukee, Purdue University, North Carolina State University, and Cal Poly Pomona also discovered computer-based data breaches during August. The Wisconsin security incident was the worst, involving 79,000 people. All of the breaches exposed Social Security numbers. All of the institutions said they think none the exposed information was actually stolen or used by anybody.
Dian Schaffhauser is a writer who covers technology and business for a number of publications. Contact her at firstname.lastname@example.org.